In this example the anchore-engine is version 0.2.3 and the database schema is version 0.0.6. In cases where the database schema is changed between releases of the anchore-engine, the engine will upgrade the database schema at launch.

Pre-upgrade Procedure

Prior to upgrading anchore-engine, we highly recommend performing a database backup/snapshot by stopping your anchore-engine installation, and backing up the anchore engine database in its entirely. There is no automatic downgrade capability in anchore-engine, thus the only way to downgrade after an upgrade (whether it succeeds or fails) is to restore your database contents to a state from a prior version of anchore-engine, and explicitly run the compatible version of anchore-engine against the corresponding database contents.

Whether or not you wish to have the ability to downgrade, we recommend backing up your anchore-engine database prior to upgrading the software as a best practice.

Upgrade Procedure (example with docker-compose)

Stop all running instances of the Anchore Engine

# docker-compose down

Modify your docker-compose.yaml file to reference the desired version of anchore-engine (or if set to 'latest', your can skip this step)

To monitor the progress of your upgrade, you can watch the docker logs from your anchore-engine container, where you should see some initial output indicating whether or not an upgrade is needed or being performed, followed by the regular anchore-engine log output.

# docker-compose logs -f anchore-engine

Once completed, you can review the new state of your engine to verify the new version is running using the regular system status command

Advanced / Manual Upgrade Procedure

If for any reason the automated upgrade fails, or you would like to perform the upgrade of the anchore database manually, you can use the following (general) procedure. This should only be done by advanced operators after backing up the anchore database, ensuring that the anchore database is up and running, and that all running anchore-engine components are stopped.

Install the desired anchore-engine container manually

Run the anchore-engine container but override the entrypoint to run an interactive shell instead of the default 'anchore-manager service start' entrypoint command